1 00:00:00,810 --> 00:00:01,830 UDP scarer. 2 00:00:04,540 --> 00:00:08,050 So in our previous lessons, we discussed the UDP scan. 3 00:00:09,190 --> 00:00:14,890 Most of the services that are popular in service systems run over TCP protocol, however. 4 00:00:15,790 --> 00:00:19,120 UDP services are also widely used. 5 00:00:20,580 --> 00:00:31,680 So DNS support 53, S&P PORC 161 and 162, and DHC, CP, or 67 and 68 are the most commonly used services. 6 00:00:33,210 --> 00:00:38,340 UDP scanning is generally slower and it's more difficult than TCP scanning. 7 00:00:39,410 --> 00:00:43,700 So for this reason, some security controllers kind of ignore these ports. 8 00:00:45,850 --> 00:00:49,060 Extensible UDP services are common. 9 00:00:50,110 --> 00:00:54,910 Therefore, this is an error because attackers do not ignore the entire protocol. 10 00:00:57,210 --> 00:01:04,560 So in order to scan UDP with an map, we will need to add the as you parameter to the map command. 11 00:01:05,890 --> 00:01:14,680 And it can be combined with a Tsipi scan type, just as the skin scan as as to control both protocols 12 00:01:14,680 --> 00:01:17,650 using the same scan sound good? 13 00:01:18,860 --> 00:01:23,720 A UDP scan works by sending a UDP packet to each targeted port. 14 00:01:25,170 --> 00:01:27,360 And for most sports, this packet will be empty. 15 00:01:27,660 --> 00:01:34,900 That means no load, but a protocol specific data payload will be sent for several of the more common 16 00:01:34,900 --> 00:01:35,580 sports. 17 00:01:37,190 --> 00:01:42,650 Now, four different situations can occur when we scan UDP with a map. 18 00:01:43,590 --> 00:01:52,290 And these will be open status and so on and maps and UDP packet to the target system, if the UDP response 19 00:01:52,530 --> 00:01:58,500 is sent from the destination system, that means that the destination port is open. 20 00:02:00,620 --> 00:02:08,210 And a closed status, so unmap sends a UDP packet to the target system, and if the ICMP board from 21 00:02:08,210 --> 00:02:14,450 the destination system sends an unreachable error response, that just means that the destination port 22 00:02:14,450 --> 00:02:15,170 is closed. 23 00:02:16,820 --> 00:02:18,920 An operation cannot be performed. 24 00:02:20,800 --> 00:02:22,000 Filtered status. 25 00:02:23,200 --> 00:02:25,980 And Map sends a UDP packet to the target system. 26 00:02:27,470 --> 00:02:33,770 And if the ICMP sends unreachable areas from the target system, the destination port is filtered. 27 00:02:34,980 --> 00:02:37,330 So the port is open, but it cannot be operated. 28 00:02:37,950 --> 00:02:42,060 It's likely that security software is being audited by it. 29 00:02:44,150 --> 00:02:46,100 Open filtered condition. 30 00:02:48,230 --> 00:02:54,200 And sends a UDP packet to the target system, and if there's no response from the target system for 31 00:02:54,200 --> 00:02:59,750 a certain period and MAP accepts eSport as open filtered. 32 00:03:01,550 --> 00:03:07,840 That just means you cannot decide whether the port is open or closed, but still in operation cannot 33 00:03:07,840 --> 00:03:08,680 be performed. 34 00:03:10,600 --> 00:03:12,700 So now let's do a simple UDP scan. 35 00:03:14,740 --> 00:03:21,340 Here's the example, we'll do a UDP top 10 port scan on the Métis voidable server we install. 36 00:03:22,430 --> 00:03:29,960 So we open a virtual box, open, carry Linux, open voidable and log in and call Linux VM. 37 00:03:31,290 --> 00:03:41,850 And open up terminal and right this command and map and zero to two to four as you top or 10 reason 38 00:03:42,360 --> 00:03:44,580 as V and press enter. 39 00:03:46,240 --> 00:03:48,790 And there are your scan results. 40 00:03:50,150 --> 00:03:54,350 So as you can see, the time is too long for the TCP scan. 41 00:03:56,180 --> 00:03:59,990 And Map UDP, scan the top 10 ports and listed the results.